package com.example.ss.config;

import com.example.ss.service.AuthFailure;
import com.example.ss.service.AuthSuccess;
import com.example.ss.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;

/**
 * @Author: xwg
 * @CreateDate: 2023/8/25
 */

@Configuration
@EnableWebSecurity
public class SecurityConfig {
    @Autowired
    private UserService userService;
    @Autowired
    private AuthSuccess authSuccess;

    @Autowired
    private AuthFailure authFailure;

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
//        登录过滤器
        return http.cors().disable()
                .csrf().disable()
                .httpBasic().disable()
                .anonymous().principal("swagger").and()
//                .anonymous().disable()


//               step1 绑定用户名 密码1
//        post  /login  username=XXx&password=YYY
                .formLogin().usernameParameter("username").passwordParameter("password")
//          step4  登录成功如何 登录失败如何
                .successHandler(authSuccess)
                .failureHandler(authFailure)
                .and()
                .userDetailsService(userService)
                .build();
//    step2 使用 用户名 查询数据库中的密码2
//    UserDetails


    }

    //    @Bean
//    public UserDetailsService userDetailsService
//   UserDetailsService
    // step3  比较密码1和密码2是否相同
    @Bean
    public PasswordEncoder passwordEncoder() {
        return NoOpPasswordEncoder.getInstance();
//        return  new BCryptPasswordEncoder;
    }
}
